PRECEDENTIAL
UNITED STATES COURT OF APPEALS FOR THE THIRD CIRCUIT ____________
No. 20-2890 ____________
UNITED STATES OF AMERICA
v.
ANKUR AGARWAL, Appellant ____________
On Appeal from the United States District Court for the District of New Jersey (D.C. No. 2-19-cr-00770-01) District Judge: Honorable Susan D. Wigenton ____________
Submitted under Third Circuit LAR 34.1(a) November 8, 2021
Before: HARDIMAN, MATEY, and SCIRICA, Circuit Judges.
(Filed: February 3, 2022) Tor B. Ekeland Tor Ekeland Law, PLLC 30 Wall Street 8th Floor New York, NY 10005 Counsel for Appellant
Rachael A. Honig Mark E. Coyne Richard J. Ramsay John F. Romano Office of United States Attorney 970 Broad Street Room 700 Newark, NJ 07102 Counsel for Appellee
____________
OPINION OF THE COURT ___________
HARDIMAN, Circuit Judge.
In this appeal, Ankur Agarwal asks us to vacate or modify the 94-month sentence he received after he pleaded guilty to aggravated identity theft and violations of the Computer Fraud and Abuse Act (CFAA). Agarwal argues his plea was unknowing because he could not have reasonably foreseen the nearly $3,000,000 in losses that would be attributed to his CFAA violations. The record demonstrates otherwise. Agarwal signed the plea agreement aware that the
2 loss amount was disputed and waived the right to appeal his sentence. We will affirm.
I
Agarwal was a contract network engineer and had security credentials that granted him access to the corporate offices and internal networks of several telecommunications companies. By early 2017, Agarwal’s contract with two companies had ended, but his credentials remained active. For over a year, Agarwal repeatedly used his credentials without authorization to enter the companies’ offices, log into their networks, and monitor their activities.
But that’s not all. To maintain access to one company’s internal computers, he installed key-logging software to obtain the usernames and passwords of other employees. He installed unauthorized hardware onto the company’s network, which he then used to access the network remotely. And he installed computer code that enabled him to surreptitiously transfer information related to technology the company was developing. Agarwal also began using a vacant office on the company’s premises without authorization. From there he accessed the company’s network, studied the company’s software, reviewed email, and made personal phone calls.
Agarwal also infiltrated the network of a second company. He obtained employees’ login credentials and transferred information about technology the company was developing. To gain access to the company’s premises, he used the personal identification information of another person and induced the company to create an access badge in that person’s name.
3 The companies eventually learned of Agarwal’s unauthorized activities and devoted significant resources to investigate and remediate the breaches. Cybersecurity employees reviewed months of computer logs and probed compromised email accounts to determine the extent of Agarwal’s misfeasance. Company lawyers investigated the legal implications of the intrusion to determine whether trade secrets were stolen or contracts were breached. Security employees reviewed video footage and replaced equipment related to office access. And employee productivity suffered because compromised user accounts and computers were temporarily taken offline to limit further damage.
Agarwal monitored the investigations, even listening-in on a conference call during which company employees discussed their efforts to find him. In April 2018, when it became clear he would be discovered, Agarwal resorted to desperate tactics to avoid detection—donning disguises, swapping vehicles, even filing a false police report. He was eventually taken into custody and fully cooperated with law enforcement. Agarwal maintains he did not sell or otherwise financially profit from the personal or technology information he obtained.
Agarwal waived indictment and pleaded guilty to one count of aggravated identity theft, in violation of 18 U.S.C. § 1028A(a)(1), and two counts under the CFAA for intentionally accessing a protected computer without authorization and obtaining information valued at more than $5,000, in violation of 18 U.S.C. §§ 1030(a)(2) and 1030(c)(2)(B)(iii). The plea agreement stated that sentencing was “within the sole discretion of the sentencing judge” and that the statutory maximum prison sentence was twelve years (five years for each CFAA violation, plus a mandatory two-
4 year term for identity theft that could not run concurrently with the CFAA sentences). App. 41.
Under the United States Sentencing Guidelines (USSG), the recommended prison term is influenced heavily by the loss suffered by the victims. USSG § 2B1.1(b)(1). Accordingly, Agarwal “reserve[d] the right to take any position with respect to [the] loss amount at sentencing.” App. 48. The plea agreement also provided that, so long as the District Court accepted certain factual stipulations, Agarwal “voluntarily and expressly waive[d] all right to appeal or collaterally attack his conviction, sentence, or any other matter relating to this prosecution,” subject to exceptions for “the sentencing court’s determination of [Agarwal’s] criminal history” or if an “aspect of the sentence . . . falls outside of any applicable statutory minimum or maximum.” App. 48–49.
The District Court accepted the plea after a lengthy colloquy, during which Agarwal acknowledged that, while “both [he and the government] . . . can make the arguments as to what they feel . . . is the appropriate [G]uidelines offense level, . . . [a]t the end of the day, [the court] determine[s] what that [G]uideline[s] level is,” App. 67, and “that once [he] enter[ed] the plea [he] can’t take it back because [he doesn’t] like or agree with the sentence.” App. 60.
Based on detailed documentation from the companies, the United States Probation Office in its Presentence Investigation Report (PSR) calculated the loss to be over $3,000,000, most of which was for salary expenses for employee time spent investigating and remediating the breaches. Because the loss was greater than $1,500,000, the resulting offense level was 27, yielding a Guidelines range of 70 to 87 months’ imprisonment for the CFAA
5 violations. USSG Ch. 5, Pt. A (Sentencing Table). After receiving the PSR, Agarwal did not seek to withdraw his plea; instead, consistent with the plea agreement, he disputed the loss amount. He filed a presentencing memorandum and argued at sentencing that salaries of company employees should be excluded from the loss calculation. In his view, the actual loss was potentially less than $550,000, which would lower the offense level by as many as four levels and reduce the upper range of the Guidelines by 30 months. See USSG § 2B1.1(b)(1)(G)–(I); USSG Ch. 5, Pt. A (Sentencing Table).
The District Court was unpersuaded by Agarwal’s argument and found that the loss exceeded $1,500,000. The Court sentenced Agarwal to 70 months’ imprisonment for the CFAA violations, at the bottom of the Guidelines range. Adding the mandatory two-year sentence for aggravated identity theft resulted in a total sentence of 94 months’ imprisonment. While Agarwal contested the loss amount before the District Court, he never suggested that the uncertainty in the loss calculations made his plea unknowing.
Free access — add to your briefcase to read the full text and ask questions with AI
PRECEDENTIAL
UNITED STATES COURT OF APPEALS FOR THE THIRD CIRCUIT ____________
No. 20-2890 ____________
UNITED STATES OF AMERICA
v.
ANKUR AGARWAL, Appellant ____________
On Appeal from the United States District Court for the District of New Jersey (D.C. No. 2-19-cr-00770-01) District Judge: Honorable Susan D. Wigenton ____________
Submitted under Third Circuit LAR 34.1(a) November 8, 2021
Before: HARDIMAN, MATEY, and SCIRICA, Circuit Judges.
(Filed: February 3, 2022) Tor B. Ekeland Tor Ekeland Law, PLLC 30 Wall Street 8th Floor New York, NY 10005 Counsel for Appellant
Rachael A. Honig Mark E. Coyne Richard J. Ramsay John F. Romano Office of United States Attorney 970 Broad Street Room 700 Newark, NJ 07102 Counsel for Appellee
____________
OPINION OF THE COURT ___________
HARDIMAN, Circuit Judge.
In this appeal, Ankur Agarwal asks us to vacate or modify the 94-month sentence he received after he pleaded guilty to aggravated identity theft and violations of the Computer Fraud and Abuse Act (CFAA). Agarwal argues his plea was unknowing because he could not have reasonably foreseen the nearly $3,000,000 in losses that would be attributed to his CFAA violations. The record demonstrates otherwise. Agarwal signed the plea agreement aware that the
2 loss amount was disputed and waived the right to appeal his sentence. We will affirm.
I
Agarwal was a contract network engineer and had security credentials that granted him access to the corporate offices and internal networks of several telecommunications companies. By early 2017, Agarwal’s contract with two companies had ended, but his credentials remained active. For over a year, Agarwal repeatedly used his credentials without authorization to enter the companies’ offices, log into their networks, and monitor their activities.
But that’s not all. To maintain access to one company’s internal computers, he installed key-logging software to obtain the usernames and passwords of other employees. He installed unauthorized hardware onto the company’s network, which he then used to access the network remotely. And he installed computer code that enabled him to surreptitiously transfer information related to technology the company was developing. Agarwal also began using a vacant office on the company’s premises without authorization. From there he accessed the company’s network, studied the company’s software, reviewed email, and made personal phone calls.
Agarwal also infiltrated the network of a second company. He obtained employees’ login credentials and transferred information about technology the company was developing. To gain access to the company’s premises, he used the personal identification information of another person and induced the company to create an access badge in that person’s name.
3 The companies eventually learned of Agarwal’s unauthorized activities and devoted significant resources to investigate and remediate the breaches. Cybersecurity employees reviewed months of computer logs and probed compromised email accounts to determine the extent of Agarwal’s misfeasance. Company lawyers investigated the legal implications of the intrusion to determine whether trade secrets were stolen or contracts were breached. Security employees reviewed video footage and replaced equipment related to office access. And employee productivity suffered because compromised user accounts and computers were temporarily taken offline to limit further damage.
Agarwal monitored the investigations, even listening-in on a conference call during which company employees discussed their efforts to find him. In April 2018, when it became clear he would be discovered, Agarwal resorted to desperate tactics to avoid detection—donning disguises, swapping vehicles, even filing a false police report. He was eventually taken into custody and fully cooperated with law enforcement. Agarwal maintains he did not sell or otherwise financially profit from the personal or technology information he obtained.
Agarwal waived indictment and pleaded guilty to one count of aggravated identity theft, in violation of 18 U.S.C. § 1028A(a)(1), and two counts under the CFAA for intentionally accessing a protected computer without authorization and obtaining information valued at more than $5,000, in violation of 18 U.S.C. §§ 1030(a)(2) and 1030(c)(2)(B)(iii). The plea agreement stated that sentencing was “within the sole discretion of the sentencing judge” and that the statutory maximum prison sentence was twelve years (five years for each CFAA violation, plus a mandatory two-
4 year term for identity theft that could not run concurrently with the CFAA sentences). App. 41.
Under the United States Sentencing Guidelines (USSG), the recommended prison term is influenced heavily by the loss suffered by the victims. USSG § 2B1.1(b)(1). Accordingly, Agarwal “reserve[d] the right to take any position with respect to [the] loss amount at sentencing.” App. 48. The plea agreement also provided that, so long as the District Court accepted certain factual stipulations, Agarwal “voluntarily and expressly waive[d] all right to appeal or collaterally attack his conviction, sentence, or any other matter relating to this prosecution,” subject to exceptions for “the sentencing court’s determination of [Agarwal’s] criminal history” or if an “aspect of the sentence . . . falls outside of any applicable statutory minimum or maximum.” App. 48–49.
The District Court accepted the plea after a lengthy colloquy, during which Agarwal acknowledged that, while “both [he and the government] . . . can make the arguments as to what they feel . . . is the appropriate [G]uidelines offense level, . . . [a]t the end of the day, [the court] determine[s] what that [G]uideline[s] level is,” App. 67, and “that once [he] enter[ed] the plea [he] can’t take it back because [he doesn’t] like or agree with the sentence.” App. 60.
Based on detailed documentation from the companies, the United States Probation Office in its Presentence Investigation Report (PSR) calculated the loss to be over $3,000,000, most of which was for salary expenses for employee time spent investigating and remediating the breaches. Because the loss was greater than $1,500,000, the resulting offense level was 27, yielding a Guidelines range of 70 to 87 months’ imprisonment for the CFAA
5 violations. USSG Ch. 5, Pt. A (Sentencing Table). After receiving the PSR, Agarwal did not seek to withdraw his plea; instead, consistent with the plea agreement, he disputed the loss amount. He filed a presentencing memorandum and argued at sentencing that salaries of company employees should be excluded from the loss calculation. In his view, the actual loss was potentially less than $550,000, which would lower the offense level by as many as four levels and reduce the upper range of the Guidelines by 30 months. See USSG § 2B1.1(b)(1)(G)–(I); USSG Ch. 5, Pt. A (Sentencing Table).
The District Court was unpersuaded by Agarwal’s argument and found that the loss exceeded $1,500,000. The Court sentenced Agarwal to 70 months’ imprisonment for the CFAA violations, at the bottom of the Guidelines range. Adding the mandatory two-year sentence for aggravated identity theft resulted in a total sentence of 94 months’ imprisonment. While Agarwal contested the loss amount before the District Court, he never suggested that the uncertainty in the loss calculations made his plea unknowing. He makes that argument for the first time in this appeal, requesting vacatur of his judgment and sentence, or a modification of the CFAA sentences to reflect a lower loss amount.
II
The District Court had jurisdiction under 28 U.S.C. § 3231 and we have jurisdiction under 28 U.S.C. § 1291 and 18 U.S.C. § 3742(a). The parties dispute the applicable
6 standard of review where, as here, the defendant argues for the first time on appeal that his plea was unknowing.
III
“[A] guilty plea is a grave and solemn act . . . accepted only with care and discernment.” Brady v. United States, 397 U.S. 742, 748 (1970). Because a guilty plea is not merely “an admission of past conduct,” but also a waiver of important constitutional rights, it must be knowing and voluntary. Id. at 748. So district courts engage the defendant in a lengthy colloquy “to ensure that he understands the law of his crime in relation to the facts of his case, as well as his rights as a criminal defendant,” and has entered the plea voluntarily, free from unlawful threats or promises. United States v. Vonn, 535 U.S. 55, 62 (2002); Fed. R. Crim. P. 11(b).
A defendant’s ability to withdraw a guilty plea wanes as the case proceeds. Before the trial court has accepted the plea, the defendant has considerable flexibility; he may withdraw the plea “for any reason or no reason.” Fed. R. Crim. P. 11(d)(1). But “[o]nce a court accepts a defendant’s guilty plea, the defendant is not entitled to withdraw that plea simply at his whim.” United States v. Jones, 336 F.3d 245, 252 (3d Cir. 2003). After the trial court accepts the plea and before sentencing, a defendant must show a “fair and just reason” for withdrawal. Fed. R. Crim. P. 11(d)(2)(B); see Jones, 336 F.3d at 252. At this stage, the defendant bears a “substantial burden.” United States v. Siddons, 660 F.3d 699, 703 (3d Cir. 2011) (citing United States v. King, 604 F.3d 125, 139 (3d Cir. 2010)). “[A] shift in defense tactics, a change of mind, or the fear of punishment are not adequate reasons” for withdrawal. Id. (quoting Jones, 336 F.3d at 252).
7 After a sentence has been imposed, withdrawal becomes even harder—“the plea may be set aside only on direct appeal or collateral attack.” Fed. R. Cr. P. 11(e). This rule “create[s] an incentive to file withdrawal motions before sentenc[ing], not afterward.” Vonn, 535 U.S. at 72. And it encourages a defendant “to think through a guilty plea before [a] sentence is imposed,” and “tends to separate meritorious second thoughts . . . [from] mere sour grapes over a sentence once pronounced.” Id. Finally, it “concentrates plea litigation in the trial courts, where genuine mistakes can be corrected easily, and promotes the finality required in a system as heavily dependent on guilty pleas as ours.” Id.
“[C]oncern with finality” has “special force with respect to convictions based on guilty pleas.” United States v. Timmreck, 441 U.S. 780, 784 (1979).
[I]f a plea of guilty could be retracted with ease after sentence, the accused might be encouraged to plead guilty to test the weight of potential punishment, and withdraw the plea if the sentence were unexpectedly severe. The result would be to undermine respect for the courts and fritter away the time and painstaking effort devoted to the sentencing process.
United States v. Stayton, 408 F.2d 559, 561 n.4 (3d Cir. 1969) (citation and quotation omitted). Indeed, a lesser standard risks “degrad[ing] the otherwise serious act of pleading guilty into something akin to a move in a game of chess.” United States v. Hyde, 520 U.S. 670, 677 (1997).
The deferential standards governing appellate review of guilty plea challenges reflect our system’s strong interest in
8 finality. We review a trial court’s order denying a defendant’s motion to withdraw his plea for abuse of discretion. King, 604 F.3d at 139. And when the basis for withdrawal of the plea is an alleged defect in the Rule 11 plea colloquy, objections not made in the trial court are subject to plain error review. United States v. Dixon, 308 F.3d 229, 233–34 (3d Cir. 2002) (citing Vonn, 535 U.S. at 58–59). The silent defendant carries the burden on appeal for good reason: otherwise, “[a] defendant could simply relax and wait to see if the sentence later struck him as satisfactory; if not, his Rule 11 silence would have left him with clear but uncorrected Rule 11 error to place on the Government’s shoulders.” Vonn, 535 U.S. at 73. “[T]he value of finality requires defense counsel to be on his toes, not just the judge, and the defendant who just sits there when a mistake can be fixed cannot just sit there when he speaks up later on.” Id.
Where, as here, the defendant challenges the validity of a guilty plea for the first time on direct appeal without alleging a Rule 11 error, we have not articulated the standard of review that applies. See, e.g., United States v. Schweitzer, 454 F.3d 197, 202–03, 203 n.4 (3d Cir. 2006) (finding defendant’s plea was knowing and voluntary without identifying the standard of review). But whether the defendant alleges a particular Rule 11 defect or claims his plea was invalid for another reason, the same interests in finality apply. We thus review Agarwal’s claim that his plea was unknowing due to the uncertainty in the
9 loss amount—a claim he did not make before the trial court— for plain error.1
IV
Under plain error review, we have discretion to correct an error when the defendant establishes (1) the district court committed error, (2) the error is clear and obvious, and (3) the error affected the defendant’s substantial rights. Rosales- Mireles v. United States, 138 S. Ct. 1897, 1904 (2018). If these
1 The Tenth Circuit has similarly applied plain error review to challenges to plea validity first made on direct appeal. See, e.g., United States v. Vidal, 561 F.3d 1113, 1118–19 (10th Cir. 2009) (“review[ing] for plain error” because defense “counsel never made an express objection [to the trial court] challenging the validity of [the] plea” and “never filed any motions to withdraw the plea”). Other circuits have invoked different standards, left the standard of review unspecified, or declined to entertain the challenge. See, e.g., United States v. Frye, 402 F.3d 1123, 1126–27 (11th Cir. 2005) (reviewing “[t]he voluntariness of a guilty plea . . . de novo” (citation omitted)); United States v. Glinsey, 209 F.3d 386, 397 (5th Cir. 2000) (finding defendant’s plea knowing and voluntary based on the record without specifying the standard of review); United States v. Rodriguez-Morales, 647 F.3d 395, 398 (1st Cir. 2011) (electing “not [to] resolve” what standard of review applies to a challenge to the validity of a guilty plea since the defendant’s “claim fails under any of the applicable standards”); United States v. Umanzor, 617 F.3d 1053, 1060 (8th Cir. 2010) (declining to consider a challenge to the voluntariness of a plea made for the first time on direct appeal).
10 conditions are met, we will correct the error if it “seriously affects the fairness, integrity or public reputation of judicial proceedings.” Id. at 1905 (citations and quotations omitted). The record in this case shows that Agarwal’s plea was made knowingly and voluntarily; Agarwal has failed to establish any error, much less one that is plain.
The unambiguous language of the plea agreement and Agarwal’s responses during the plea hearing show he was aware he faced up to twelve years in prison. The plea agreement advised Agarwal that each CFAA violation “carries a statutory maximum prison sentence of five years,” and the aggravated identity theft charge “carries a statutory mandatory sentence of two years[],” exposing him to up to twelve years’ imprisonment. App. 41. The agreement reiterated that Agarwal’s sentence was “within the sole discretion of the sentencing judge,” who could impose a sentence “up to and including the statutory maximum term.” Id. And Agarwal affirmed during the colloquy that he reviewed the plea, was aware of “the maximum penalties associated with the offenses to which he [was] entering a plea of guilty,” and understood that the District Court had “the discretion to impose the sentence that [it felt was] appropriate.” App. 61, 70.
By expressly “reserv[ing] the right to take any position with respect to loss amount at sentencing” in his plea agreement, Agarwal acknowledged that the crucial CFAA loss was disputed. App. 48. He told the District Court at the plea hearing that he and the Government could not “reach a conclusion on the [G]uideline[s] range, so we left it open,” and affirmed his understanding that both he and the Government could “make . . . arguments as to what . . . the appropriate [G]uidelines offense level [was],” but that the final determination of the offense level was for the Court. App. 67.
11 Agarwal’s counsel also understood the precise nature of the loss dispute—whether internal employee salaries should be included in the loss calculation—and argued in his presentencing memorandum and at sentencing that salaries should be excluded.
In sum, the fact that the District Court determined a loss—and imposed a sentence—higher than Agarwal proposed does not make his plea unknowing. “[A]ll that the law requires is that the defendant be informed of his/her exposure in pleading guilty. The law does not require that a defendant be given a reasonably accurate ‘best guess’ as to what his/her actual sentence will be.” United States v. Mustafa, 238 F.3d 485, 492 n.5 (3d Cir. 2001). If Agarwal believed he had been misled after learning of the Government’s loss calculations in the PSR, he could have—and should have—moved to withdraw his plea then, when he would have been required to present only a “fair and just reason” for withdrawal. See Fed. R. Crim. P. 11(d)(2)(B). Because he failed to do so, he cannot now persuasively argue his plea was unknowing merely because he is disappointed or surprised that the District Court credited the Government’s calculations rather than his own.
V
Agarwal’s fallback position is that we modify his CFAA sentences to run concurrently and reduce their length to reflect a lower loss amount. But Agarwal expressly waived his right to appeal his sentence, so long as the sentence fell within the maximum term specified. “We decline to exercise jurisdiction over the appeal where the issues on appeal fall within the scope of the waiver and the defendant knowingly and voluntarily agreed to the waiver, unless ‘enforcing the waiver would work a miscarriage of justice.’” United States v.
12 Saferstein, 673 F.3d 237, 242 (3d Cir. 2012) (quoting United States v. Corso, 549 F.3d 921, 927 (3d Cir. 2008)).
Agarwal does not challenge the validity of the appellate waiver apart from the challenge to his guilty plea. We have rejected Agarwal’s claim that his plea was unknowing, and the record shows that the appellate waiver was likewise knowing, voluntary, and applicable to his sentence. Nor has Agarwal shown that enforcing the waiver results in any “miscarriage of justice”—an exception to enforcement “applied sparingly and without undue generosity.” United States v. Wilson, 429 F.3d 455, 458 (3d Cir. 2005) (quoting United States v. Teeter, 257 F.3d 14, 26 (1st Cir. 2001)). Accordingly, we will not review the merits of his sentencing challenge. See United States v. Gwinnett, 483 F.3d 200, 203 (3d Cir. 2007).
VI
The District Court told Agarwal that he faced up to twelve years in prison. His 94-month sentence was more than four years less than the statutory maximum. Agarwal’s unsuccessful attempt to persuade the District Court that the loss he caused was less than $1,500,000 did not render his valid plea unknowing or involuntary. We will affirm the judgment of the District Court.